Exchange of network access control information using tightly-constrained network access control protocols
    41.
    Granted invention patent
    Status: In force

    Publication number: US08104073B2

    Publication date: 2012-01-24

    Application number: US11857111

    Application date: 2007-09-18

    Applicant: Stephen R. Hanna

    Inventor: Stephen R. Hanna

    IPC classification: H04L29/04 H04L9/32

    CPC classification: H04L63/08 H04L63/12

    Abstract: In general, techniques are described for securely exchanging network access control information. The techniques may be useful in situations where an endpoint device and an access control device perform a tightly-constrained handshake sequence of a network protocol when the endpoint device requests access to a network. The handshake sequence may be constrained in a variety of ways. Due to the constraints of the handshake sequence, the endpoint device and the access control device may be unable to negotiate a set of nonce information during the handshake sequence. For this reason, the access control device uses a previously negotiated set of nonce information and other configuration information associated with the endpoint device as part of a process to determine whether the endpoint device should be allowed to access the protected networks.

    Automatic hardware-based recovery of a compromised computer
    42.
    Granted invention patent
    Status: In force

    Publication number: US08103909B2

    Publication date: 2012-01-24

    Application number: US12400574

    Application date: 2009-03-09

    Applicant: Stephen R. Hanna

    Inventor: Stephen R. Hanna

    IPC classification: G06F11/00

    CPC classification: G06F21/575

    Abstract: In general, techniques are described for hardware-based detection and automatic restoration of a computing device from a compromised state. Moreover, the techniques provide for automatic, hardware-based restoration of selective software components from a trusted repository. The hardware-based detection and automatic restoration techniques may be integrated within a boot sequence of a computing device so as to efficiently and cleanly replace only any infected software component.

    Server-to-server integrity checking
    43.
    Granted invention patent
    Status: In force

    Publication number: US07996713B2

    Publication date: 2011-08-09

    Application number: US12334611

    Application date: 2008-12-15

    Applicant: Stephen R. Hanna

    Inventor: Stephen R. Hanna

    IPC classification: G06F11/00

    Abstract: A method performed by a primary server includes receiving integrity criteria and sending a health check request to a secondary server based on the received integrity criteria. The method also includes receiving integrity information from the secondary server and checking the integrity information against the integrity criteria. The method further includes initiating a non-compliance action if the integrity information does not comply with the integrity criteria.

    Authentication system and process
    44.
    Granted invention patent
    Status: In force

    Publication number: US06230266B1

    Publication date: 2001-05-08

    Application number: US09243575

    Application date: 1999-02-03

    IPC classification: H04L900

    CPC classification: H04L9/3268

    Abstract: An authentication method and process are provided. One aspect of the process of the present invention includes authorizing a first on-line revocation server (OLRS) to provide information concerning certificates issued by a certificate authority (CA) that have been revoked. If the first OLRS is compromised, a second OLRS is authorized to provide certificate revocation information, but certificates issued by the CA remain valid unless indicated by the second OLRS to be revoked.